mailcow-dockerized

Adding dependabot config (for Dockerfiles)

Open waja opened this issue 2 years ago • 5 comments

Adding config for Dependabot keeping track of new versions.

waja, Nov 25 '21 23:11

Seems the config is wrong; I fixed it by testing to:

version: 2
updates:
  - package-ecosystem: docker
    directory: "/data/Dockerfiles"
    schedule:
      interval: daily
      time: "04:00"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10

Also then getting this error

Dependabot couldn't find a Dockerfile

Dependabot couldn't find a Dockerfile.

Dependabot requires a Dockerfile to evaluate your Docker dependencies. It had expected to find one at the path: /data/Dockerfiles/Dockerfile.

If this isn't a Docker project, you may wish to disable updates for it in the .github/dependabot.yml config file in this repo.

Seems Dependabot can't do recursive folder search, which is what I saw after googling for some secs: https://github.com/dependabot/feedback/issues/145

I would use a config like this:

version: 2
updates:
# acme
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/acme"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# clamd
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/clamd"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# dockerapi
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/dockerapi"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# dovecot
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/dovecot"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# netfilter
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/netfilter"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# olefy
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/olefy"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# phpfpm
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/phpfpm"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# postfix
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/postfix"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# rspamd
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/rspamd"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# sogo
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/sogo"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# solr
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/solr"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# unbound 
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/unbound"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# watchdog
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/watchdog"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"

We can also add something like this:

    commit-message:
      # Prefix all commit messages with "[Dockerfile]"
      prefix: "[Dockerfile]"

See my test here which I did in some mins: https://github.com/MAGICCC/mailcow-dockerized/pulls/app%2Fdependabot

I wonder if it can also upgrade to a newer major release for e.g. debian? buster -> bullseye

MAGICCC, Nov 26 '21 01:11
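
Added example, not part of the thread or of the mailcow repository: because Dependabot only looks for a Dockerfile directly in each configured `directory`, the per-image entries above can be generated from the directory tree, and a CI step can fail when a new image directory is missing from the config. The function names `gen_dependabot` and `check_dependabot` are hypothetical; the schedule, branch and limit values are copied from the comment above.

```shell
#!/bin/sh
# Added example: emit one Dependabot "docker" entry per directory that
# directly contains a Dockerfile (Dependabot does not search recursively).

# gen_dependabot REPO_ROOT [DOCKERFILES_DIR]
#   REPO_ROOT        path to the checked-out repository
#   DOCKERFILES_DIR  repo-relative dir with one subdirectory per image
gen_dependabot() {
  repo_root=$1
  rel=${2:-data/Dockerfiles}
  printf 'version: 2\nupdates:\n'
  # Globs expand in sorted order, so the output is stable across runs.
  for dir in "$repo_root/$rel"/*/; do
    [ -f "${dir}Dockerfile" ] || continue   # skip dirs without a Dockerfile
    name=$(basename "$dir")
    cat <<EOF
  # $name
  - package-ecosystem: docker
    directory: "/$rel/$name"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
EOF
  done
}

# check_dependabot REPO_ROOT CONFIG [DOCKERFILES_DIR]
# Returns 0 when CONFIG is exactly what gen_dependabot would produce and
# 1 otherwise, so an image directory cannot silently go untracked.
check_dependabot() {
  gen_dependabot "$1" "${3:-data/Dockerfiles}" | diff -u "$2" - >/dev/null
}
```

Running `gen_dependabot . > .github/dependabot.yml` from the repository root regenerates the file; the check is strict and treats hand-edited entries (such as the commented-out `reviewers` block) as drift.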

> I wonder if it can also upgrade to a newer major release for e.g. debian? buster -> bullseye

nope, https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates#about-dependabot-version-updates states that it uses semver, which does not support this.

waja, Nov 26 '21 09:11

@MAGICCC you are totally right ... I forgot that Dependabot doesn't work recursively. Do you want to start a new PR or should I fix up mine?

waja, Nov 26 '21 09:11

I would like to wait for @andryyy's answer. I like the idea, but we need to implement tests (maybe GitHub Actions?) to check that everything is building right etc.

MAGICCC, Nov 26 '21 16:11

Branch not deleted, sorry for that.

DerLinkman, Jan 21 '22 14:01

Closed, as we've introduced Renovate for that Job recently.

Sorry :(

DerLinkman, Jan 17 '23 15:01